Signing (intermediate) certs have been compromised before. That means a bad actor can issue fake certs that are validated up to your root ca certs
While you can invalidate that signing cert, without useful and ubiquitous revocation lists, there’s nothing you can do to propagate that.
A compromised signing certs, effectively means invalidating the ca cert, to limit the damage
Hosting email just saved the day! My ex got locked out of her email account and password resets were blocked. However she still had one “home” forwarding email configured as a recovery address, so we were able to redirect it somewhere accessible and unlock her email account!
A buddy of mine did that by ups. His “offsite backup” was a raspberry pi zip tied to a couple drives and mailed to me. All I needed to do was plug it in to power and Ethernet (and trust him on my network).
When a drive died, he mailed another one and I mailed the original back
Hah, my lab is mostly a bunch of raspberry pi’s screwed to a wall
I always thought this was an argument for properly racking everything. If it takes more effort, more time to remove, maybe they won’t bother.
My understanding is that for most individuals, theft is mainly
I do have outside cameras but they’re not as useful as you’d think. Maybe they have some deterrent value but they’re not going to alert anyone fast enough unless they’re already in the house and you’re not going to identify anyone even if you catch a good shot of their face. If the do catch someone, perhaps the video is enough to say, yep
For my use case, I’m continually fiddling with my VM config. That’s my playground, not just the services hosted there. I want home assistant to always be available so it can’t be there.
I suppose I could have a “production “ vm server that I keep stable, separately from my “dev” vm server but that would be more effort. Maybe it’s simply that I don’t have many services I want to treat as production, so the physical hardware is the cheapest and easiest option
Same here. In particular I like small cheap hardware to act as appliances, and have several raspberry pi.
My example is home assistant. Deploying on its own hardware means an officially supported management layer, which makes my life easier. It is actually running containers but i don’t have to deal with that. It also needs to be always available so i use efficient “right sized” hardware and it works regardless whether im futzing with my “lab”
The authors approach to not owning anything digital was to attempt self hosting. But the authors reaction to the amount of work was that he shouldn’t own the “self-hosting”? He does not even realize that he’s back to not owning anything
What’s your goal in using fake info? If it’s general privacy, it’s easy enough to register where your info is private to the registrar
I’m actually planning to do an evaluation of a n ai code review tool to see what it can do. I’m actually somewhat optimistic that it could do this better than it can code
I really want to sic it on this one junior programmer who doesn’t understand that you can’t just commit ai generated slop and expect it to work. This last code review after over 60 pieces of feedback I gave up on the rest and left it as he needs to understand when ai generated slop needs help
Ai is usually pretty good at unit tests but it was so bad. Randomly started using a different mocking framework, it actually mocked entire classes and somehow thought that was valid to test them. Wasting tests on non-existent constructors no negative tests, tests without verifying anything. Most of all there were so many compile errors, yet he thought that was fine
My company only allows downloads from official sources, verified publishers, signed where we can. This is enforced by only allowing the repo server to download stuff and only from places we’ve configured. In general those go through a process to reduce the chances of problems and mitigate them quickly.
We also feed everything through a scanner to flag known vulnerabilities, unacceptable licenses
If it’s fully packaged installable software, we have security guys that take a look at I have no idea what they do and whether it’s an audit
I’m actually going round in circles with this one developer. He needs an open source package and we already cache it on the repo server in several form factors, from reputable sources …… but he wants to run a random GitHub component which downloads an unsigned tar file from an untrusted source
I imagine there’s a significant chunk of users who don’t know or care how to properly open their server up to the world and are relying on the Plex proxies
That seems like the obvious place to put a subscription that won’t get people upset. Or maybe it’s in the presentation.
When HomeAssistant started a subscription, they renewed their commitment to opensource, added new remote features with obvious costs under subscription while still letting you do it yourself, plus made it clear this funded continued opensource development. I happily pay this and haven’t been disappointed. Did Plex fumble a similar opportunity?
Definitely curious as well, but so far haven’t gotten around to trying
I used to do that but it would constantly nag until I connected it
Don’t wait. Come talk to us. Yeah things are hectic with demands flooding in from all directions but we want to make your job easier and better
Also, check back in a month. Sometimes a domain squatter will just never at, hopin to flip it before the registrar takes it back
The problem is buying means nothing about whether it is legit or whether a company decides they want it. It only means you reserved it. Any disagreements are hashed out after the fact in court. It’s not a game that individuals can afford to win vs a corp
Step 0). Decide if there’s anything you dont want on a common server.
I realized long ago that my projects sometimes stall out partway through. However some things need to just work, regardless of where I am in a project. HA is a great example of something that manages itself (so less advantage to the VM) and that I want always available, so even if I decide to go down a route like you are, HA stays independent, stays available
I’m not entirely sure what those movies are like, and don’t want to know, but ……
My Mom watches horrible Hallmark stuff constantly. As far as I can tell, every movie has the same plot, they are low quality, etc. The thing is they are simple feel good movies for her. She finds them relaxing and gets good feelings from them, perfectly appropriate for “entertainment “.
If there is any parallel here, my point is that you don’t have to appreciate them for your Mom to. Why does it matter whether you agree with the movies or not: do you love her? Do you want to help her with entertainment that makes her feel good /relaxed/entertained?
As everyone else says, look at home bridge. I use HA for my automation but use the bridge to expose many devices to HomeKit.
I verified I can set up HomeKit and use family share for my family to see the dashboards I set up there